How do I protect the privacy of my site's shared encryption key?

The shared encryption key (SEK) is used by Ocean to encrypt a patient's personal health information (PHI) prior to leaving the circle of care. Beyond the standard strong security precautions implemented by Ocean, the privacy of the shared encryption key effectively prevents third parties (including CognisantMD) from eavesdropping on patient information. Without the shared encryption key, the patient's data cannot be decrypted and consequently cannot be viewed.

As a result (in the spirit of PIPEDA / PHIPA and our privacy policy), it is important for health information custodians (HICs) to take precautions to ensure the shared encryption key and its associated password remain private.

These precautions can unfortunately make it more difficult for clinicians to locate the shared encryption key when it is needed for legitimate clinical purposes. Losing the shared encryption key entirely is a serious problem, because it prevents health service providers from viewing potentially important clinical information about patients in Ocean. For tips on recovering your site's shared encryption key, please refer to: "Recovering a Lost / Forgotten Shared Encryption Key".

General Precautions for Protecting the Shared Encryption Key

Ocean provides some automated mechanisms to protect the privacy of the shared encryption key:

  • The shared encryption key is never sent across the network (* except in special circumstances where a site has specifically opted in).
    • * For pragmatic reasons, Ocean site administrators may choose to provide their SEK to Ocean Cloud Connect or as part of a SMART on FHIR EHR launch to activate associated functionality. Even in these circumstances, it remains inaccessible to Ocean administrators, since the key is sent privately in an encrypted format to protected systems within the Ocean Network.
  • All requested viewings of the shared encryption key password in the Ocean Portal are logged.
  • The shared encryption key cannot be viewed in an electronic medical record without prior authorization as a clinical administrator.
    • e.g. in PS Suite, the user is prompted to enter their Ocean username and password and is validated as an Ocean site administrator before the key is presented.

Best Practices for Clinical Administrators

  • Follow standard "strong password" security guidelines when choosing a shared encryption key.
  • Keep the "hint" for your shared encryption key sufficiently vague such that a hacker could not easily use it to guess the key, find the key's physical location, or use social engineering to obtain it.
  • Do not write down the shared encryption key in a public location (especially not on a whiteboard or a yellow sticky note next to the computer!).
  • Do not choose a hint that is merely a shortened or transformed version of the actual shared encryption key (e.g. using "P@ssw0rd" as the hint for the key "password").
  • Do not enter the shared encryption key in browsers on publicly accessible terminals.
  • Do not email the shared encryption key.
  • Do not store the shared encryption key on an external drive or cloud server without appropriate privacy and security protocols to restrict access.
  • If you print the shared encryption key, keep a known, limited number of copies of the printout and store them in a secure, locked location.
  • Do not re-use a personal password for the key.
  • Do not re-use a clinic-wide password for the key.
  • Do not re-use a shared encryption key used at any other clinic.
  • Change the key if it has been publicly disclosed or compromised by an untrusted individual.
  • Consider using a trusted secure password manager such as LastPass or 1Password to store the shared encryption key.
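The two hint rules above (the hint must not be a shortened or leetspeak-transformed copy of the key) can be enforced automatically before a hint is saved. The following is an added example, not Ocean or CognisantMD code; the substitution table and the minimum shared-run length of 4 characters are assumptions of the example.

```python
"""Reject a shared encryption key hint that leaks the key itself (added example)."""
import re

# Assumed table of common character substitutions used to "disguise" a key.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})


def normalize(text: str) -> str:
    """Lowercase, undo leetspeak substitutions, and keep only letters/digits."""
    return re.sub(r"[^a-z0-9]", "", text.lower().translate(LEET))


def longest_common_run(a: str, b: str) -> int:
    """Length of the longest substring shared by a and b (dynamic programming)."""
    best = 0
    prev = [0] * (len(b) + 1)
    for ca in a:
        cur = [0] * (len(b) + 1)
        for j, cb in enumerate(b, 1):
            if ca == cb:
                cur[j] = prev[j - 1] + 1
                best = max(best, cur[j])
        prev = cur
    return best


def hint_leaks_key(hint: str, key: str, min_run: int = 4) -> bool:
    """True if the hint is a shortened or transformed copy of the key.

    After normalization the hint is rejected when it is contained in the key,
    the key is contained in it, or the two share a run of min_run+ characters.
    """
    h, k = normalize(hint), normalize(key)
    if not h:
        return False  # an empty hint reveals nothing about the key
    if h in k or k in h:
        return True
    return longest_common_run(h, k) >= min_run


if __name__ == "__main__":
    # Constructed sample inputs; the first two hints would be rejected.
    for hint, key in [("P@ssw0rd", "password"),
                      ("correct horse", "CorrectHorseBatteryStaple"),
                      ("my first pet", "Tr0ub4dor&3")]:
        print(f"{hint!r:20} -> leaks key: {hint_leaks_key(hint, key)}")
```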